connect and protect networks and network security coursera weekly challenge 4 answers
Test your knowledge: OS hardening
1. Fill in the blank: The _____ acts as an intermediary between software applications and computer hardware.
- authorized user
- operating system
- access system
- baseline
2. Which of the following activities are security hardening tasks? Select all that apply.
- Making patch updates
- Disposing of hardware and software properly
- Enforcing password policies
- Exploiting an attack surface
3. Multifactor authentication (MFA) is a security measure that requires a user to verify their identity in at least two ways before they can access a system or network.
- True
- False
4. What are examples of physical security hardening? Select all that apply.
- Installing security cameras
- Hiring security guards
- Removing or disabling unused applications
- Reducing access permissions across devices
Test your knowledge: Network hardening
5. Fill in the blank: Security teams can use _____ to examine network logs and identify events of interest.
- network segmentation
- port filtering
- security information and event management (SIEM) tools
- baseline configuration
6. What is a basic principle of port filtering?
- Block all ports in a network.
- Allow users access to only areas of the network that are required for their role.
- Disallow ports that are used by normal network operations.
- Allow ports that are used by normal network operations.
7. A security professional creates different subnets for the various departments in their business, ensuring users have access that is appropriate for their particular roles. What does this scenario describe?
- Network log analysis
- Network segmentation
- Patch updates
- Firewall maintenance
8. Data in restricted zones should have the same encryption standards as data in other zones.
- True
False
Test your knowledge: Cloud hardening
9. Fill in the blank: A key distinction between cloud and traditional network hardening is the use of a server baseline image, which enables security analysts to prevent _____ by comparing data in cloud servers to the baseline image.
- slow speeds
- damaged data
- improper resource storage
- unverified changes
10. Data and applications on cloud networks do not need to be separated based on their service category, such as their age or internal functionality.
- True
- False
11. Who is responsible for ensuring the safety of cloud networks? Select all that apply.
- Individual users
- Research department
- Cloud service provider
- Security team
12. Fill in the blank: _____ cloud services are a common source of cloud security issues.
- Misconfigured
- Unauthorized
- Shared
- Managed
Weekly challenge 4
13. Which of the following tasks are security hardening practices? Select all that apply.
- Keeping network devices functioning properly
- Updating software
- Loosening access permissions
- Performing port filtering
14. What is the relationship between security hardening and an attack surface?
- Security hardening permanently eliminates the attack surface.
- Security hardening diminishes the attack surface.
- Security hardening expands the attack surface.
- Security hardening increases the attack surface.
15. Fill in the blank: Hiring a security guard is an example of a _____ security hardening practice.
- physical
- virtual
- software-based
- network-focused
16. An organization’s in-house security team has been authorized to simulate an attack on the organization’s website. The objective is to identify any vulnerabilities that are present. What does this scenario describe?
- Penetration testing
- The Ping of Death
- Packet sniffing
- A Distributed Denial of Service (DDoS) attack
17. What are some methods for hardening operating systems? Select three answers.
- Removing unused software to limit unnecessary vulnerabilities
- Implementing an intrusion detection system (IDS)
- Configuring a device setting to fit a secure encryption standard
- Keeping an up-to-date list of authorized users.
18. A security analyst notices something unusual affecting their company’s OS. To confirm that no changes have been made to the system, the analyst compares the current configuration to existing documentation about the OS. What does this scenario describe?
- Checking baseline configuration
- Upgrading the interface between computer hardware and the user
- Responsibly managing applications
- Verifying user identity when accessing an OS
19. Fill in the blank: The security measure multifactor authentication (MFA) requires a user to verify their _____ in two or more ways to access a system or network.
- password
- user permissions
- job title
- identity
20. In what way might port filtering be used to protect a network from an attack?
- By increasing the attack surface within a business network
- By creating isolated subnets for each of the various departments within an organization
- By helping analysts inspect, analyze, and react to security events based on their priority
- By blocking or allowing certain port numbers in order to limit unwanted communication
21. A security team considers the best way to handle the different security zones within their network. They prioritize protecting the restricted zone by separating from the rest of the network and ensuring it has much higher encryption standards. What does this scenario describe?
- Cloud hardening
- Patch updating
- Penetration testing
- Network segmentation
22. What is one key similarity between regular web servers and cloud servers?
- In both, all data and application are stored together, regardless of their service category
- They both use baseline images stored in the cloud to compare data.
- They both require proper maintenance and security hardening.
- In both, all applications are stored together, regardless of their age.
23. To help improve the security of a business, its in-house security team is approved to simulate an attack that will identify vulnerabilities in business processes. What does this scenario describe?
- A Distributed Denial of Service (DDoS) attack
- Packet sniffing
- Penetration testing
- The Ping of Death
24. What is one key similarity between regular web servers and cloud servers?
- In both, all data and application are stored together, regardless of their service category.
- They both require security measures taken by the organization to stay safe.
- In both, all applications are stored together, regardless of their age.
- They both use baseline images stored in the cloud to compare data.
25. Which of the following tasks are security hardening practices? Select all that apply.
- Reducing access permissions across devices and networks
- Installing patch updates
- Disabling unused ports
- Replacing the RAM on the computers
26. What is the term for all the potential system vulnerabilities that a threat actor could exploit?
- Security architecture
- Risk
- Security challenge
- Attack surface
27. Fill in the blank: Installing security cameras is an example of a _____ security hardening practice.
- physical
- software-based
- network-focused
- virtual
28. A company’s executive team approves a proposal by the security director. The proposal involves security professionals simulating an attack on the company’s systems in order to identify vulnerabilities. What does this scenario describe?
- Penetration testing
- The Ping of Death
- Packet sniffing
- A Distributed Denial of Service (DDoS) attack
29. Which of the following are OS hardening tasks? Select three answers.
- Using secure encryption standards
- Implementing multifactor authentication
- Configuring a firewall
- Running regularly scheduled backups
30. A security analyst reviews documentation about a firewall rule that includes a list of allowed and disallowed network ports. They compare it to the current firewall to ensure no changes have been made. What does this scenario describe?
- Verifying user identity when accessing an OS
- Upgrading the interface between computer hardware and the user
- Checking baseline configuration
- Responsibly managing applications
31. Fill in the blank: The security measure _____ requires a user to verify their identity in two or more ways to access a system or network.
- baseline configuration
- network log analysis
- multifactor authentication (MFA)
- password policy
32. Which of the following statements accurately describes port filtering?
- A process performed by a VPN service that protects data by wrapping it in other data packets
- A security technique that divides a network into segments
- A security protocol that provides an encrypted tunnel for issuing commands from a remote server
- A firewall function that blocks or allows certain port numbers in order to limit unwanted network traffic
33. A security team works to ensure that an issue in one area of the business does not spread to others and create more problems. They design subnets for each department, such as one for research and another for finance. What does this scenario describe?
- Patch updating
- Cloud hardening
- Penetration testing
- Network segmentation
34. How can a security professional confirm that no unverified changes have occurred within a cloud server?
- Use port filtering to block or allow certain updates
- Compare the server baseline image to the data in cloud servers
- Establish multifactor authentication (MFA)
- Perform a penetration test
35. What are the purposes of performing a patch update for security hardening? Select all that apply.
- Requiring a user to verify their identity to access a system or network.
- Fixing known security vulnerabilities in a network or services.
- Upgrading an operating system to the latest software version.
- Preventing malicious actors from flooding a network.
36. Fill in the blank: Requiring employees to turn off their personal devices while in secure areas is an example of a _____ security hardening practice.
- network-focused
- virtual
- cloud-based
- physical
37. Fill in the blank: The security measure multi-factor authentication (MFA) requires a user to verify their identity _____ before accessing a system or network.
- in two or more ways
- within 60 seconds
- at least once
- every day